Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2025, 15:27

General

  • Target

    84589744.pdf

  • Size

    18KB

  • MD5

    7566ebdd1de9d10543fa3f46b79b03fa

  • SHA1

    406893c5bfc74c3bc9a4b5d2fdeb99c9ad880e83

  • SHA256

    5bfa5cb5fe37bd3a9dfd8c98cd08f065bbc4e16204f7f1a265f589e057fae143

  • SHA512

    51b6babd0ddc8abfcfdde32093c6bfb9dc1a684f89e3c5874e6e45adee54b5697ffa779bedaf3017b599462c7028632d44f65e1bcc6a6f91e873e7826a64c544

  • SSDEEP

    384:47Hz7PfgDgr2btzQxNFib8Nzl1YQlEo+slsgokub9BPtZ6Vn61tKVT+Dqxbu:+7gkr2bc+Ql3+FJ/b91Knc0i

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\84589744.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2568

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    48097bb117e2097ba7c12ea38e359754

    SHA1

    9f662d737edd71ca6c718549a06dd680185d46af

    SHA256

    2f3f71abd82d62fcad5caa711cf5d99daef572bda1791b3db0078b803cbb0cd7

    SHA512

    786bafbfa8824b20aa7fe90ab6d7c4b2c7509296baf154fb948fdc7cf9c4a702702dd0ef990281590bc63ae77f22a061e29c3a398cdfa52c058faa70512e6092